This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/3-aeAF9JbG6A7EKmb0-yXbrWG9U.roa File: 3-aeAF9JbG6A7EKmb0-yXbrWG9U.roa (raw, json) Hash identifier: 6cfvDO7cAOavBYLuMAAporfmguQ3iwhofngemcXPiL4= Subject key identifier: DF:E6:9E:00:5F:49:6C:6E:80:EC:42:A6:6F:4F:B2:5D:BA:D6:1B:D5 Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370 Certificate serial: 019B7F15C73615A9B91E921668E35E6E8727 Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/3-aeAF9JbG6A7EKmb0-yXbrWG9U.roa Signing time: Fri 02 Jan 2026 14:21:32 +0000 ROA not before: Fri 02 Jan 2026 14:21:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7018 IP address blocks: 2a0e:e380::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 03:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:c7:36:15:a9:b9:1e:92:16:68:e3:5e:6e:87:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370 Validity Not Before: Jan 2 14:21:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dfe69e005f496c6e80ec42a66f4fb25dbad61bd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:58:cb:d3:b3:3d:bd:48:8b:bb:a7:7a:94:e4: 1a:9c:43:1c:22:f8:18:e8:46:79:6e:a8:7c:09:18: 24:67:8c:75:40:e3:a6:e8:40:74:32:f1:77:76:97: 6e:4a:a0:e0:04:be:f9:96:fc:bd:33:13:1b:18:0b: a2:a5:bc:9c:2a:83:4e:73:cb:d4:9e:db:8c:2f:67: 59:9a:8d:fb:d9:10:cf:a1:b9:55:fe:6d:99:fd:a1: 1c:b1:00:50:68:96:12:3e:ef:4b:d6:ce:cd:8e:81: a3:04:d8:24:98:46:7c:78:d3:3c:d8:77:81:12:02: 71:93:6a:33:da:7d:24:35:42:de:17:13:1e:d9:29: 7b:5b:f1:f3:e7:c9:84:ef:66:b4:c0:ce:23:61:d7: 32:6b:0a:e4:3b:38:2e:9e:2f:dc:1b:aa:7b:ba:4e: 66:94:5e:6b:e3:ce:c5:c8:23:b8:1f:21:fc:b7:d7: e6:94:cc:50:71:2d:01:1f:31:d7:09:8b:5f:ac:d2: 14:86:d5:1b:40:d9:98:a0:b3:09:79:da:55:84:c0: c4:c8:5c:51:5b:d3:c5:15:60:0d:8b:e5:99:b8:83: 70:f1:e7:fa:e4:cd:58:78:cc:9c:9b:c6:b6:93:06: 81:6d:66:1c:e7:20:56:41:bf:61:44:ae:d2:aa:24: c0:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:E6:9E:00:5F:49:6C:6E:80:EC:42:A6:6F:4F:B2:5D:BA:D6:1B:D5 X509v3 Authority Key Identifier: keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/3-aeAF9JbG6A7EKmb0-yXbrWG9U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:e380::/29 Signature Algorithm: sha256WithRSAEncryption 84:6b:f2:51:31:5a:7b:22:fe:77:40:af:10:f6:ec:7e:50:ae: 34:62:9a:b3:17:ef:a5:88:eb:a4:10:af:ef:6d:65:12:c2:b4: bf:c5:6a:7a:c3:1a:c3:f4:33:a2:a5:96:f0:15:f4:3a:0a:30: 91:25:0e:82:06:79:a3:15:a6:9b:23:10:77:1f:96:2c:f2:72: d7:85:00:ce:4c:fa:b0:a4:fc:8e:cb:2e:f7:c2:95:3e:0f:62: ac:d4:0d:23:42:cb:dc:1d:44:75:d3:a3:48:3f:ba:2f:8d:cd: 4c:d1:2d:fe:dd:9e:f0:8d:f9:89:5e:58:da:ec:bf:8b:d4:bc: 95:d9:51:2f:37:1f:1c:0a:c1:86:1f:72:c2:af:fe:0a:e5:1d: 03:d4:59:19:c6:4e:d9:71:bf:3b:0c:25:05:fb:ee:4c:fa:63: dd:95:61:bd:6d:51:5a:16:c4:8e:a0:69:07:8d:25:09:a2:33: 48:33:08:59:44:4b:8f:c0:72:d2:eb:ff:f7:31:23:5e:ec:b6: e8:a6:e8:d8:a2:4b:a3:30:e9:14:19:71:b0:72:87:51:c4:56: b7:55:e5:f9:72:d7:e3:05:95:ec:9f:f6:2f:a5:8b:fb:55:99: 44:da:18:42:71:81:0b:3a:db:8e:64:f2:02:cb:07:51:03:23: 5d:7f:f1:d5 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/Fcc2Fam5HpIWaONebocnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk YTEzNzAwHhcNMjYwMTAyMTQyMTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZmU2OWUwMDVmNDk2YzZlODBlYzQyYTY2ZjRmYjI1ZGJhZDYxYmQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiljL07M9vUiLu6d6lOQanEMcIvgY 6EZ5bqh8CRgkZ4x1QOOm6EB0MvF3dpduSqDgBL75lvy9MxMbGAuipbycKoNOc8vU ntuML2dZmo372RDPoblV/m2Z/aEcsQBQaJYSPu9L1s7NjoGjBNgkmEZ8eNM82HeB EgJxk2oz2n0kNULeFxMe2Sl7W/Hz58mE72a0wM4jYdcyawrkOzguni/cG6p7uk5m lF5r487FyCO4HyH8t9fmlMxQcS0BHzHXCYtfrNIUhtUbQNmYoLMJedpVhMDEyFxR W9PFFWANi+WZuINw8ef65M1YeMycm8a2kwaBbWYc5yBWQb9hRK7SqiTAuwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFN/mngBfSWxugOxCpm9Psl261hvVMB8GA1UdIwQY MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt NjA4MDk1MmYwZTA0LzEvMy1hZUFGOUpiRzZBN0VLbWIwLXlYYnJXRzlVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0 LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg7jgDAN BgkqhkiG9w0BAQsFAAOCAQEAhGvyUTFaeyL+d0CvEPbsflCuNGKasxfvpYjrpBCv 721lEsK0v8VqesMaw/QzoqWW8BX0OgowkSUOggZ5oxWmmyMQdx+WLPJy14UAzkz6 sKT8jssu98KVPg9irNQNI0LL3B1EddOjSD+6L43NTNEt/t2e8I35iV5Y2uy/i9S8 ldlRLzcfHArBhh9ywq/+CuUdA9RZGcZO2XG/OwwlBfvuTPpj3ZVhvW1RWhbEjqBp B40lCaIzSDMIWURLj8By0uv/9zEjXuy26Kbo2KJLozDpFBlxsHKHUcRWt1Xl+XLX 4wWV7J/2L6WL+1WZRNoYQnGBCzrbjmTyAssHUQMjXX/x1Q== -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:08 2026 by rpki-client